tessl/pypi-pip

The PyPA recommended tool for installing Python packages.

1.07x

Overview

Eval results

Files

Package Verification Tool

Name: tessl/pypi-pip
Rating: 0.91 (1 reviews)
Author: tessl

A command-line utility that verifies downloaded Python packages against expected hash values to ensure integrity and security.

Capabilities

Compute package hashes

Given a local package file path and a hash algorithm name (sha256, sha384, or sha512), compute and return the hash value in hexadecimal format @test
When given a non-existent file path, raise a FileNotFoundError @test
When given an unsupported algorithm name (e.g., "md5"), raise a ValueError @test

Verify package integrity

Given a package file path, expected hash value, and algorithm, return True if the computed hash matches the expected hash @test
Given a package file path with a hash that doesn't match the expected value, return False @test

Generate requirements with hashes

Given a list of package file paths, generate a requirements.txt format output with package names and their hashes for sha256 algorithm @test
Support generating hashes with multiple algorithms (sha256 and sha512) for the same package @test

Implementation

@generates

API

def compute_hash(file_path: str, algorithm: str = "sha256") -> str:
    """
    Compute the hash of a package file using the specified algorithm.

    Args:
        file_path: Path to the package file
        algorithm: Hash algorithm to use (sha256, sha384, or sha512)

    Returns:
        Hexadecimal hash string

    Raises:
        FileNotFoundError: If file does not exist
        ValueError: If algorithm is not supported
    """
    pass

def verify_hash(file_path: str, expected_hash: str, algorithm: str = "sha256") -> bool:
    """
    Verify that a package file matches the expected hash.

    Args:
        file_path: Path to the package file
        expected_hash: Expected hash value in hexadecimal
        algorithm: Hash algorithm to use (sha256, sha384, or sha512)

    Returns:
        True if hash matches, False otherwise

    Raises:
        FileNotFoundError: If file does not exist
        ValueError: If algorithm is not supported
    """
    pass

def generate_requirements_with_hashes(package_files: list[str], algorithms: list[str] = None) -> str:
    """
    Generate requirements.txt format output with hash values for package files.

    Args:
        package_files: List of paths to package files (wheel or sdist)
        algorithms: List of hash algorithms to use (defaults to ["sha256"])

    Returns:
        String in requirements.txt format with --hash options

    Raises:
        FileNotFoundError: If any file does not exist
        ValueError: If any algorithm is not supported
    """
    pass

Dependencies { .dependencies }

pip { .dependency }

Provides hash computation functionality for Python packages. Use pip's hash computation capabilities to generate secure hashes for package verification.

Install with Tessl CLI

npx tessl i tessl/pypi-pip